CVE-2003-0459: CVE-2003-0459

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2003-0459

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

KDE Konqueror HTTP REFERER验证信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

KDE是一款X Windows系统的图形桌面环境。Konqueror是K桌面环境的文件管理器，也可用于浏览WEB。 Konqueror不正确处理HTTP REFERER字段信息，远程攻击者可以利用这个漏洞通过网络嗅探获得用户验证的敏感信息。 Konqueror当提交类似 http://user:password@host/ 的URL请求时，会以明文方式并在用户不知晓的情况下，通过HTTP-referer字段发送出去，第三方用户可以通过截获网络通信获得这些敏感信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2003-0459

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2003-0459

Please Login to view more intelligence information

http://www.kde.org/info/security/advisory-20030729-1.txtx_refsource_CONFIRM
http://www.debian.org/security/2003/dsa-361vendor-advisoryx_refsource_DEBIAN
http://www.turbolinux.com/security/TLSA-2003-45.txtvendor-advisoryx_refsource_TURBO
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747vendor-advisoryx_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2003-236.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2003-235.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2003:079vendor-advisoryx_refsource_MANDRAKE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A411vdb-entrysignaturex_refsource_OVAL
http://marc.info/?l=bugtraq&m=105986238428061&w=2mailing-listx_refsource_BUGTRAQ
http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.htmlmailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2003-0459

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2003-0459

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2003-0459

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2003-0459

III. Intelligence Information for CVE-2003-0459

New Vulnerabilities

V. Comments for CVE-2003-0459

Leave a comment